Employment Summary
Total * years of experience in the field of information technology risk and controls, with specialized experience in SAP Application Security design, build and support, and teaching. I have experience of security and authorization of ECC security, HR and GRC AC. I have worked on SOX controls and Business Process controls along with SAP security role design and segregation of duties design. Worked on Virsa Firefighter and Virsa Compliance Calibrator tools. Have experience of security role implementation, support and roll-out, and role design projects.
EDUCATIONAL QUALIFICATIONS
Bachelor of Computer Science (B.Sc) Osmania University, Hyderabad, Telangana.
TECHNICAL SKILLS
● Technology: SAP Security ECC 6.0, GRC-AC 10.x
● Platforms: Windows, Linux
● Tools: Service Now, CPS, JIRA
Professional Experience
LARSEN & TOUBRO INFOTECH LTD (LTI) Oct 2020 - Till Date.
Project : PBF Energy (SAP & Non-SAP Systems)
Job Title : Associate Consultant
Team Size: 4
Key Responsibilities:
Working on SAP ECC, GRC and SOLMAN systems.
Working on Non-SAP systems Ariba, DB, Chemical, Track, RAS, Power Plan systems.
Working on Zema, Octopus, Sabrix and Tableau systems.
Performed risk analysis using ARA for users and roles in execution and simulation modes.
Performed mitigation against various risks for users & roles.
Activating application in client (SPRO), Check sap ICF service (SICF), Activating BC sets.
Adding the connector to auth scenario, enabling the right rule set.
Assign connector to the logical groups, Generating rule set, job synchronizing authorization, Run the first analysis.
Creating the Fire-fighter-Id with Emergency access.
Assigning the Fire fighter-id to fire fighters with proper approvals.
Performed User & Role analysis to find the existing SOD violation for users and roles.
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA, ARM, BRM, EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues.
Creation of Roles, Profiles, Authorizations, and adding Authorization Objects.
User administration like creating, modifying and password resetting based on user request.
Managed and created new users, groups for easy administration.
Mass user maintenance through SU10 and handling user issues through SU53, SU56 and System Trace ST01, STAUTHTRACE
Extensively used SUIM transaction code for security analysis.
Performed Job/position level SOD analysis and provided recommendations on resolving the SOD Conflicts from positions
Worked on gathering business requirements, analyzed, built, tested and implemented security
Designed security structure for development and IT support teams across all systems in landscape
Prepared test scripts for security unit testing and integration testing
Handled production cutover activities and go live support
Created single and composite roles
Created master and derived roles
Created user accounts and assigned roles and profiles
Involved in troubleshooting security issues during Security Unit and Integration testing cycles. Performed root cause analysis of the issues encountered and resolved them
Worked on ad hoc requests related to security
Creating SAP user accounts as per the client request
User role Modifications and maintenance.
KPMG Feb'2020–Sept 2020.
Project: VIACOM 18
Title: Associate Consultant
Team Size: 4
Key Responsibilities:
Implemented GRC Access Control Suite. Configured SAP GRC components ARA, ARM and EAM
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA, ARM, BRM, EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues
Overall Role Management (Creation/Change/Deletion of role)
Configured logon parameters using system profiles.
Worked on User Missing authorizations and assigned based on the approvals.
Worked on Important authorization objects like S_DEVELOP, S_PROGRAM, and S_TABU_DIS.
Maintaining the USR40 table for illegal passwords
Good working knowledge of AGR* tables
Supported users at different levels for the security issues.
Maintaining Connectors and Connection Type
Maintaining Connection Settings, Connector settings, & Configuration settings – Parameters
Configuring the AC Owners, Role Owners in Assignment Approver, Role Concept Approver, Mitigating Approver and Monitor, etc.
Finalized the list of GRC predefined roles to be assigned to each owner as required.
Maintaining Rule Set, Function ID & Risk ID with Risk Owners and generating rules
Created Mitigation Approvers & Monitors and created mitigating IDs
Scheduling Background jobs related to Authorization, Repository Object, Action Usage and Role Usage Jobs.
Generated MSMP Rule for Process, defined Business Rule Framework through BRF+, Mapped BRF+ application with MSMP workflow and defined request types for Process ID.
Hexaware India March 2018 - Feb 2020
Client: Gate Group International
TITLE: Senior Software Engineer
Team Size: 3
Key Responsibilities:
Implemented GRC Access Control Suite. Configured SAP GRC components ARA, ARM and EAM.
Had an opportunity to take part in Implementation & support project of SAP GRC ACCESS CONTROL 10.1.
Configured common settings like GRC AC post-installation tasks through specific IMG Activity nodes.
Performed risk analysis using ARA for users and roles in execution and simulation modes.
Performed mitigation against various risks for users & roles.
Activating application in client (SPRO), Check sap ICF service (SICF), Activating BC sets.
Adding the connector to auth scenario, enabling the right rule set.
Assign connector to the logical groups, Generating rule set, job synchronizing authorization, Run the first analysis.
Creating the Fire-fighter-Id with Emergency access.
Assigning the Fire fighter-id to fire fighters with proper approvals.
Performed User & Role analysis to find the existing SOD violation for users and roles.
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA, ARM, BRM, EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues.
Creation of Roles, Profiles, Authorizations, and adding Authorization Objects.
User administration like creating, modifying and password resetting based on user request.
Managed and created new users, groups for easy administration.
Mass user maintenance through SU10 and handling user issues through SU53, SU56 and System Trace ST01, STAUTHTRACE
Extensively used SUIM transaction code for security analysis.
Performed Job/position level SOD analysis and provided recommendations on resolving the SOD Conflicts from positions
Worked on gathering business requirements, analyzed, built, tested and implemented security
Designed security structure for development and IT support teams across all systems in landscape
Prepared test scripts for security unit testing and integration testing
Handled production cutover activities and go live support
Created single and composite roles
Created master and derived roles
Created user accounts and assigned roles and profiles
Involved in troubleshooting security issues during Security Unit and Integration testing cycles. Performed root cause analysis of the issues encountered and resolved them
Worked on ad hoc requests related to security
Creating SAP user accounts as per the client request
User role Modifications and maintenance.
Maintaining Authorizations/Profiles/Roles using profile generator.
Personal Details:
Name : Basha Shaik
Date of Birth : 13-06-1988
Marital Status : Married
Passport Number : N0887051
Languages Known : English, Telugu, Kannada and Hindi.